MicTray64[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

MicTray64.exe
Size

2.6MB
MD5

179f32a85c41c36563bc3569e5aac9cf
SHA1

1ae10144feb21b3357fd2d661e3b23fc20c0bfcf
SHA256

c046c7f364b42388bb392874129da555d9c688dced3ac1d6a1c6b01df29ea7a8
SHA512

b12bc699d077d0488e14ad037812c5283d051ce92501a635d68e73e378d9e6fd779474662aedcf172d1e66eae4073fcfefcde428cd101303694f29b51125f354
SSDEEP

49152:4qr0xolkoXalAqiuqoxxjvC3TS29VsOaN53x4l:TklpJcS29raJY

Score

1^/10

Malware Config

Signatures

Files

MicTray64.exe
.exe windows x64

2e6fc4ad80ea454a5e231cfd69afacde

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

71:95:4b:e4:1c:9e:ac:fc:c5:c8:3e:6b:14:76:1d:b9
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

08/06/2015, 00:00

Not After

02/07/2017, 23:59

Subject

CN=Conexant Systems\, Inc.,O=Conexant Systems\, Inc.,L=Irvine,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f8:b1:5d:fe:71:23:0e:43:39:54:85:92:6a:b5:72:f4:13:f1:8d:28
Signer

Actual PE Digest

f8:b1:5d:fe:71:23:0e:43:39:54:85:92:6a:b5:72:f4:13:f1:8d:28

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

setupapi

SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList

hid

HidD_GetInputReport
HidD_FreePreparsedData
HidD_GetPreparsedData
HidD_GetHidGuid
HidD_GetAttributes
HidP_GetCaps

kernel32

VirtualQuery
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
GetStdHandle
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetTimeZoneInformation
GetStringTypeW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
LCMapStringW
IsValidLocale
EnumSystemLocalesW
WriteConsoleW
SetEnvironmentVariableA
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
VirtualAlloc
GetSystemInfo
HeapQueryInformation
CreateFileW
SetFilePointer
WriteFile
OutputDebugStringW
CloseHandle
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ExitProcess
GetCurrentThreadId
GetModuleFileNameW
lstrcpyW
lstrlenW
DeviceIoControl
WaitForSingleObject
CreateEventW
LoadResource
LockResource
SizeofResource
FindResourceW
ReadFile
GetOverlappedResult
CancelIo
ResetEvent
LocalAlloc
LocalSize
LocalFree
RaiseException
InitializeCriticalSectionEx
SetEvent
Sleep
CreateThread
GetVersion
FreeLibrary
GetModuleHandleW
GetProcAddress
WaitForMultipleObjects
LoadLibraryW
SetLastError
GetCurrentProcess
FlushInstructionCache
OutputDebugStringA
DecodePointer
ExitThread
IsProcessorFeaturePresent
IsDebuggerPresent
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
GetCommandLineW
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
GetTickCount
GetTempPathW
GetTempFileNameW
HeapAlloc
HeapReAlloc
VerifyVersionInfoW
VerSetConditionMask
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
GetWindowsDirectoryW
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
GetCurrentDirectoryW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
FileTimeToSystemTime
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetVersionExW
GetCurrentThread
ResumeThread
SetThreadPriority
GlobalFindAtomW
lstrcmpW
GlobalDeleteAtom
FreeResource
GetSystemDirectoryW
InitializeCriticalSectionAndSpinCount
EncodePointer
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GlobalGetAtomNameW
GlobalAddAtomW
GetModuleHandleExW
GetCurrentProcessId
WideCharToMultiByte
CopyFileW
FormatMessageW
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
MultiByteToWideChar
lstrcmpiW
LoadLibraryExW
CreateMutexW
ReleaseMutex
GetProcessHeap
HeapSize
HeapFree
VirtualFree

user32

MapDialogRect
DestroyCursor
GetWindowRgn
DrawIcon
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
PostThreadMessageW
IsZoomed
GetComboBoxInfo
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
IsMenu
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
MessageBeep
GetIconInfo
DrawIconEx
DrawFocusRect
GetNextDlgGroupItem
LockWindowUpdate
SetCapture
SetRect
WindowFromPoint
CharUpperW
SendDlgItemMessageA
CopyImage
SetParent
DeleteMenu
GetSystemMenu
IsRectEmpty
UnionRect
RealChildWindowFromPoint
MapVirtualKeyW
GetKeyNameTextW
GetSysColorBrush
ShowOwnedPopups
TranslateMessage
GetMessageW
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SystemParametersInfoW
InflateRect
GetMenuItemInfoW
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
GetMonitorInfoW
MonitorFromWindow
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongPtrW
PtInRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
CreateMenu
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
RegisterClassW
GetMessageTime
GetMessagePos
DispatchMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
FillRect
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
ReuseDDElParam
UnpackDDElParam
WinHelpW
GetWindow
GetLastActivePopup
GetWindowThreadProcessId
GetClassNameW
GetParent
SetWindowLongW
GetWindowLongW
EqualRect
OffsetRect
IntersectRect
SetRectEmpty
GetSysColor
SetCursor
InvalidateRect
SetActiveWindow
InsertMenuItemW
MessageBoxW
RegisterDeviceNotificationW
UnregisterDeviceNotification
IsWindow
EnumDisplaySettingsW
DestroyMenu
CreatePopupMenu
SetMenu
GetMenu
TranslateAcceleratorW
LoadAcceleratorsW
IsWindowEnabled
EnableWindow
ReleaseCapture
GetCapture
GetKeyState
GetActiveWindow
SetFocus
GetDlgCtrlID
GetDlgItem
BringWindowToTop
IsIconic
IsWindowVisible
SetWindowPos
GetKeyboardState
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
FrameRect
CharUpperBuffW
RegisterClipboardFormatW
ModifyMenuW
CopyIcon
GetDoubleClickTime
SetClassLongPtrW
SetCursorPos
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetClientRect
RegisterHotKey
UnregisterHotKey
PostMessageW
PostQuitMessage
UnregisterClassW
SetTimer
KillTimer
CopyRect
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
RegisterWindowMessageW
SendMessageW
DefWindowProcW
CallWindowProcW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
GetSystemMetrics
LoadMenuW
GetSubMenu
TrackPopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
SetForegroundWindow
GetDC
ReleaseDC
GetCursorPos
GetWindowLongPtrW
SetWindowLongPtrW
GetDesktopWindow
LoadCursorW
LoadIconW
DestroyIcon
LoadImageW
CharNextW
UpdateWindow
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
PeekMessageW
GetClassInfoW
ShowWindow
SetWindowRgn

gdi32

CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectW
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
CreatePatternBrush
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
GetBkColor
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
GetRgnBox
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW
CreatePen
CreateHatchBrush
BitBlt
GetDeviceCaps
CreateDCW
CopyMetaFileW
CreateCompatibleDC
CreateCompatibleBitmap
SetWindowOrgEx
CreateBitmap

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegNotifyChangeKeyValue
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegQueryInfoKeyW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
GetUserNameW

shell32

DragQueryFileW
Shell_NotifyIconW
DragFinish
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
ShellExecuteW
SHGetDesktopFolder
SHAppBarMessage

shlwapi

PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW

uxtheme

GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
DrawThemeText
OpenThemeData
CloseThemeData
IsAppThemed
GetThemePartSize

ole32

OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
StringFromGUID2
CoTaskMemAlloc
PropVariantClear
CLSIDFromString
StringFromCLSID
CoInitializeEx
CoUninitialize
CoInitialize
CoTaskMemFree
CoCreateInstance
RevokeDragDrop
CoTaskMemRealloc
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor

oleaut32

VariantInit
VariantClear
VariantChangeType
SysAllocString
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
VariantCopy
VarBstrFromDate
VarUI4FromStr

winmm

PlaySoundW
timeGetTime

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 671KB - Virtual size: 670KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e6fc4ad80ea454a5e231cfd69afacde

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

71:95:4b:e4:1c:9e:ac:fc:c5:c8:3e:6b:14:76:1d:b9Certificate

Extended Key Usages

Key Usages

61:19:93:e4:00:00:00:00:00:1cCertificate

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

f8:b1:5d:fe:71:23:0e:43:39:54:85:92:6a:b5:72:f4:13:f1:8d:28Signer

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

hid

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

winmm

oleacc

gdiplus

imm32

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 671KB - Virtual size: 670KB

.data Size: 37KB - Virtual size: 109KB

.pdata Size: 86KB - Virtual size: 85KB

.rsrc Size: 50KB - Virtual size: 50KB

.reloc Size: 59KB - Virtual size: 59KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

71:95:4b:e4:1c:9e:ac:fc:c5:c8:3e:6b:14:76:1d:b9
Certificate

61:19:93:e4:00:00:00:00:00:1c
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

f8:b1:5d:fe:71:23:0e:43:39:54:85:92:6a:b5:72:f4:13:f1:8d:28
Signer

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 671KB - Virtual size: 670KB

.data
Size: 37KB - Virtual size: 109KB

.pdata
Size: 86KB - Virtual size: 85KB

.rsrc
Size: 50KB - Virtual size: 50KB

.reloc
Size: 59KB - Virtual size: 59KB